mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
Fix #5584 - raise awareness of safer logging - warn about potentially unsafe config options
This commit is contained in:
parent
097f257078
commit
10480dff01
4
changes/bug5584
Normal file
4
changes/bug5584
Normal file
@ -0,0 +1,4 @@
|
||||
o Minor features:
|
||||
- Raise awareness of safer logging - notice user of potentially
|
||||
unsafe configuration options: logging above "notice" or
|
||||
clearning SafeLogging flag. Fixes #5584.
|
@ -1005,6 +1005,7 @@ options_act_reversible(const or_options_t *old_options, char **msg)
|
||||
int set_conn_limit = 0;
|
||||
int r = -1;
|
||||
int logs_marked = 0;
|
||||
int old_min_log_level = get_min_log_level();
|
||||
|
||||
/* Daemonize _first_, since we only want to open most of this stuff in
|
||||
* the subprocess. Libevent bases can't be reliably inherited across
|
||||
@ -1153,6 +1154,13 @@ options_act_reversible(const or_options_t *old_options, char **msg)
|
||||
control_adjust_event_log_severity();
|
||||
tor_free(severity);
|
||||
}
|
||||
if (get_min_log_level() >= LOG_INFO &&
|
||||
get_min_log_level() != old_min_log_level) {
|
||||
log_warn(LD_GENERAL, "Your log may contain sensitive information - you're "
|
||||
"logging above \"notice\". Please log safely. Don't log unless "
|
||||
"it serves an important reason. Overwrite the log afterwards.");
|
||||
}
|
||||
|
||||
SMARTLIST_FOREACH(replaced_listeners, connection_t *, conn,
|
||||
{
|
||||
log_notice(LD_NET, "Closing old %s on %s:%d",
|
||||
@ -1335,6 +1343,13 @@ options_act(const or_options_t *old_options)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (options->SafeLogging_ != SAFELOG_SCRUB_ALL &&
|
||||
(!old_options || old_options->SafeLogging_ != options->SafeLogging_)) {
|
||||
log_warn(LD_GENERAL, "Your log may contain sensitive information - you "
|
||||
"disabled SafeLogging. Please log safely. Don't log unless it "
|
||||
"serves an important reason. Overwrite the log afterwards.");
|
||||
}
|
||||
|
||||
if (options->Bridges) {
|
||||
mark_bridge_list();
|
||||
for (cl = options->Bridges; cl; cl = cl->next) {
|
||||
|
Loading…
Reference in New Issue
Block a user